package com.samsung.android.service.health.security;

import android.content.Context;
import android.os.Bundle;
import android.text.TextUtils;
import com.samsung.android.sdk.healthdata.privileged.datamigration.DataMigrationControl;
import com.samsung.android.sdk.healthdata.privileged.util.EventLog;
import com.samsung.android.sdk.healthdata.privileged.util.LogUtil;
import com.samsung.android.sdk.healthdata.privileged.util.ModelUtil;
import com.samsung.android.service.health.data.LegacyCommon;
import java.io.IOException;
import java.util.Arrays;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: classes.dex */
public final class SecureStorageKeyRepository {
    private final Context mContext;
    private byte[] mDbKey;
    private static final String TAG = LogUtil.makeTag("SecureStorageKeyRepository");
    private static final Object OP_LOCK = new Object();

    /* JADX INFO: Access modifiers changed from: private */
    /* JADX WARN: $VALUES field not found */
    /* JADX WARN: Failed to restore enum class, 'enum' modifier and super class removed */
    /* loaded from: classes.dex */
    public static final class SecureStorageStatus {
        public static final int SS_TRUE$7599d1df = 1;
        public static final int SS_FALSE$7599d1df = 2;
        public static final int SS_UNCLEAR_FALSE$7599d1df = 3;
        private static final /* synthetic */ int[] $VALUES$1983b3ba = {SS_TRUE$7599d1df, SS_FALSE$7599d1df, SS_UNCLEAR_FALSE$7599d1df};
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public SecureStorageKeyRepository(Context context) {
        this.mContext = context;
    }

    private byte[] checkDbKeyFromSecureStorage() {
        byte[] bArr = null;
        Context context = this.mContext;
        int i = 0;
        while (true) {
            if (i >= 5) {
                break;
            }
            Bundle call = context.getContentResolver().call(LegacyCommon.TRUSTZONE_AUTHORITY_URI, "get_secure_password", (String) null, (Bundle) null);
            if (call != null) {
                String string = call.getString("ss_err_message");
                if (string != null && !string.isEmpty()) {
                    ServiceLogger.doSsLogging(context, string, true);
                }
                bArr = call.getByteArray("value_of_password");
            } else {
                i++;
            }
        }
        if (i > 0) {
            ServiceLogger.doKmLogging(context, "KeyGenSS3:" + (bArr != null) + '(' + i + ')', true);
        }
        return bArr;
    }

    private static int checkSecureStorageSupported$d950c14(Context context, boolean z) {
        try {
            LogUtil.LOGD(TAG, "Start to checking isSecureStorageSupported from health service");
            Bundle call = context.getContentResolver().call(LegacyCommon.TRUSTZONE_AUTHORITY_URI, "secure_storage_support", (String) null, (Bundle) null);
            if (call != null) {
                String string = call.getString("ss_err_message");
                if (!TextUtils.isEmpty(string)) {
                    ServiceLogger.doSsLogging(context, string, true);
                }
                return call.getBoolean("boolean_secure_storage_support") ? SecureStorageStatus.SS_TRUE$7599d1df : SecureStorageStatus.SS_FALSE$7599d1df;
            }
        } catch (IllegalArgumentException e) {
            String message = e.getMessage();
            if (message == null || !message.contains("Unknown URI")) {
                ServiceLogger.doKmLogging(context, "isSSS_Other" + message, true);
                LogUtil.LOGE(TAG, "Checking secure storage support failed : " + message);
            } else {
                ServiceLogger.doKmLogging(context, "isSSS_UnknownURI", true);
                LogUtil.LOGD(TAG, "HealthService's CP is not ready : " + message);
            }
        } catch (SecurityException e2) {
            LogUtil.LOGD(TAG, "HealthService denied to access : " + e2.getMessage());
            return SecureStorageStatus.SS_FALSE$7599d1df;
        } catch (Exception e3) {
            ServiceLogger.doKmLogging(context, "isSSS0" + e3.getMessage(), true);
            LogUtil.LOGE(TAG, "Checking secure storage support failed : " + e3.getMessage());
        }
        return SecureStorageStatus.SS_UNCLEAR_FALSE$7599d1df;
    }

    private byte[] getDbKeyFromSecureStorage() {
        byte[] bArr = null;
        try {
            bArr = checkDbKeyFromSecureStorage();
        } catch (Exception e) {
        }
        if (bArr == null) {
            return null;
        }
        if (KeyMdFile.isDifferentWithStoredMd(this.mContext, bArr, true)) {
            ServiceLogger.doSsLogging(this.mContext, "KeyChanged", true);
        }
        if (DbChecker.checkDbKeyValidity(this.mContext, bArr, null)) {
            return bArr;
        }
        ServiceLogger.doSsLogging(this.mContext, "KeyChangedWrong", true);
        return null;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static boolean isSecureStorageSupported(Context context) {
        boolean isSecureStorageSupported;
        synchronized (OP_LOCK) {
            isSecureStorageSupported = isSecureStorageSupported(context, 5, 500);
        }
        return isSecureStorageSupported;
    }

    private static boolean isSecureStorageSupported(Context context, int i, int i2) {
        if (!ModelUtil.isSsSupportedModel(context)) {
            LogUtil.LOGD(TAG, "This model is not supported by secure storage");
            return false;
        }
        int i3 = SecureStorageStatus.SS_UNCLEAR_FALSE$7599d1df;
        int i4 = 0;
        while (i4 < 5) {
            i3 = checkSecureStorageSupported$d950c14(context, false);
            if (i3 != SecureStorageStatus.SS_UNCLEAR_FALSE$7599d1df) {
                break;
            }
            try {
                Thread.sleep(500L);
            } catch (InterruptedException e) {
            }
            i4++;
        }
        if (i4 >= 5) {
            ServiceLogger.doKmLogging(context, "isSSS0_FinalCheck", true);
        }
        boolean z = i3 == SecureStorageStatus.SS_TRUE$7599d1df;
        LogUtil.LOGD(TAG, "Checking isSecureStorageSupported : " + z);
        return z;
    }

    private byte[] setKrmToSs() {
        byte[] bArr = null;
        try {
            bArr = checkDbKeyFromSecureStorage();
        } catch (Exception e) {
        }
        if (bArr == null) {
            if (DataMigrationControl.isMigrationRequired(this.mContext)) {
                byte[] up = new DefaultPasswordKeyRepository(this.mContext).setUp();
                if (up != null) {
                    EventLog.print(this.mContext, "KM_MIG : DB state default");
                } else {
                    ServiceLogger.doKmLogging(this.mContext, "KgetSSKS_GoToDPW_Fail", true);
                    EventLog.print(this.mContext, "KM_MIG : DB state default fails");
                }
                return up;
            }
            Bundle call = this.mContext.getContentResolver().call(LegacyCommon.TRUSTZONE_AUTHORITY_URI, "create_secure_password", (String) null, (Bundle) null);
            if (call != null) {
                String string = call.getString("ss_err_message");
                if (string != null && !string.isEmpty()) {
                    ServiceLogger.doSsLogging(this.mContext, string, true);
                }
                bArr = call.getByteArray("value_of_password");
            } else {
                bArr = null;
            }
            if (bArr == null) {
                ServiceLogger.doKmLogging(this.mContext, "KeyGenSS1", true);
                bArr = null;
            } else if (Arrays.equals(bArr, checkDbKeyFromSecureStorage())) {
                EventLog.print(this.mContext, "SS key is generated");
                ServiceLogger.doKmLogging(this.mContext, "SSNewKeyCreated", true);
            } else {
                ServiceLogger.doKmLogging(this.mContext, "KeyGenSS2", true);
                bArr = null;
            }
        }
        if (bArr != null) {
            try {
                KeyMdFile.writeMdFirst(this.mContext, bArr, "ss_key_md");
            } catch (IOException e2) {
            }
        }
        return bArr;
    }

    public final byte[] retrieve() {
        byte[] bArr;
        synchronized (OP_LOCK) {
            if (this.mDbKey == null) {
                this.mDbKey = getDbKeyFromSecureStorage();
            }
            bArr = this.mDbKey;
        }
        return bArr;
    }

    public final byte[] setUp() {
        byte[] krmToSs;
        synchronized (OP_LOCK) {
            krmToSs = setKrmToSs();
        }
        return krmToSs;
    }
}
